> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Joseph L.
> Casale
> Sent: Thursday, February 2, 2017 8:58 PM
> To: 'CentOS mailing list'
> Subject: Re: [CentOS] Spotty internet connection
>
> > -Original Message-
> > From: CentOS
> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Matt
> Garman
> Sent: Thursday, February 2, 2017 8:52 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] Spotty internet connection
>
> On Thu, Feb 2, 2017 at 7:13 PM, TE Dukes
> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of TE Dukes
> Sent: Thursday, February 2, 2017 6:13 PM
> To: 'CentOS mailing list'
> Subject: [CentOS] Spotty internet connection
>
> How do you IT guys diagnose the problem with a spotty
On Thu, Feb 2, 2017 at 7:13 PM, TE Dukes wrote:
> Lately I have been getting slow and partial page loads, server not found,
> server timed out, etc.. Get knocked off ssh when accessing my home server
> from work, etc. Its not the work connection because I don't have
I can, but that does not address the issue that baseline AMIs provided
by CentOS are currently outdated.
Happy to help out if this is simply due to missing manpower required to test.
On Fri, Feb 3, 2017 at 10:59 AM, Hal Wigoda wrote:
> You can always build your own, no?
>
How do you IT guys diagnose the problem with a spotty internet connection?
Just spent an hour on the phone with TWC/Spectrum. Of course they don't see
anything wrong with their service.
They send me to speedtest.net. The first attempt, the page didn't fully
load, the second attempt, the page
You can always build your own, no?
(Sent from iPhone, so please accept my apologies in advance for any spelling or
grammatical errors.)
> On Feb 2, 2017, at 5:28 PM, Kadrach wrote:
>
> Hi all,
>
> the current AWS Marketplace CentOS7 AMIs (1602) are restricted to an
>
Hi all,
the current AWS Marketplace CentOS7 AMIs (1602) are restricted to an
outdated subset of EC2 instance types (at least m4.16xlarge and x1.*
are missing). The AMIs are also based on 7.2.1511, which is now quite
outdated.
Are there any concrete plans to update the AMIs? Is this due to a lack
CentOS Errata and Security Advisory 2017:0238 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
x86_64:
CentOS Errata and Security Advisory 2017:0238 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
CentOS Errata and Security Advisory 2017:0238 Important
Upstream details at : https://rhn.redhat.com/errata/RHSA-2017-0238.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
On 02/02/2017 12:37 PM, Leonard den Ottolander wrote:
So by continuing to have these memory leaks in the binary you are making
it easier for a malevolent local user to mount an attack that might
cause the "desired" privilege escalation.
I'm really struggling to explain this more simply and
On Thu, Feb 02, 2017 at 08:52:27AM +, Ned Slider wrote:
> On 02/02/17 06:32, Jon LaBadie wrote:
> > After the large update from 7.2 -> 7.3 there is
> > one major problem, the amanda backup packages.
> >
> > Strange situation, the host is the amanda server
> > is working fine at backing up all
On Thu, 2017-02-02 at 12:18 -0800, Gordon Messmer wrote:
> I apologize if my intent was unclear. I was providing you with the text
> that you should use in your bug report. I am not explaining the problem
> to you, I am showing you a clear way to explain the problem in the bug
> report. You
On 02/02/2017 11:46 AM, Leonard den Ottolander wrote:
That memory leak can be used to cause the
heap and the stack to run in to each other, and that flaw has previously
been combined with bugs in glibc to produce an exploit. The glibc bug
is now fixed, but there is still a risk that collision
On Thu, 2017-02-02 at 10:39 -0800, Gordon Messmer wrote:
> Open a new bug report and focus on this patch, exclusively:
> https://cgit.freedesktop.org/polkit/commit/src/programs/pkexec.c?id=6c992bc8aefa195a41eaa41c07f46f17de18e25c
By the way, the comment for that commit starts with:
This usage is
On Thu, 2017-02-02 at 10:39 -0800, Gordon Messmer wrote:
> It took me a while to find the patch that you mentioned, which is
> probably why your bugs are being disregarded.
It is beyond my control where patches are listed in the Red Hat bugzilla
pages. I don't think the Red Hat employee involved
On 01/30/2017 03:22 AM, George Dunlap wrote:
>
> I think that comment may be a little old. I do try to support SELinux
> -- the smoke tests I use before pushing changes have it enabled by
> default, and they use both qemu-xen and blktap.
>
> But it's difficult to help debug problems when you
On 02/02/2017 07:35 AM, Leonard den Ottolander wrote:
If that's so, why are you supplying patches to pkcheck rather than
fixing pkexec?
The patch has a fix for three memory leaks. One memory leak that allows
heap spraying in pkexec.c that according to the aforementioned article
is*directly*
On Thu, Feb 2, 2017 at 4:46 PM, -=X.L.O.R.D=- wrote:
> Selinux is way too complicated for Xen environment, there are other
> alternative to security your system than SeLinux.
But the core repository for SELinux has rules for all the Xen
functionality, which CentOS mostly
On Thu, Feb 02, 2017 at 10:55:00AM -0600, Matt wrote:
> When I have multiple scripts in /etc/cron.hourly/ using noanacron do
> they all start at same time or sequentially? I would rather they all
> went at same time in case one takes close to an hour to complete.
Sequentially. This is
I have found a drastic solution to the problem. The HDD in my development
workstation has just died.
I'm half way through the install/config on a new HDD and have tested Firefox.
The buttons are now appearing as the right size again.
A drastic but effective solution
When I have multiple scripts in /etc/cron.hourly/ using noanacron do
they all start at same time or sequentially? I would rather they all
went at same time in case one takes close to an hour to complete.
___
CentOS mailing list
CentOS@centos.org
On Thu, 2017-02-02 at 07:16 -0800, Gordon Messmer wrote:
> On 02/02/2017 06:51 AM, Leonard den Ottolander wrote:
> > pkcheck might not be directly vulnerable. However, pkexec is.
>
>
> If that's so, why are you supplying patches to pkcheck rather than
> fixing pkexec?
The patch has a fix for
On 02/02/2017 06:51 AM, Leonard den Ottolander wrote:
pkcheck might not be directly vulnerable. However, pkexec is.
If that's so, why are you supplying patches to pkcheck rather than
fixing pkexec?
If your bug report, you said, "The author clearly states that in his
example exploit he
Mozilla probably (finally) made the adjustment for 2160 lines of resolution.
LOTS of softwares need[ed] to tweak their interfaces to be usable on 4k
displays.
On Thu, Feb 2, 2017 at 6:01 AM, Gary Stainburn wrote:
> On Thursday 02 February 2017 10:22:19 John Hodrien wrote:
>
Does anyone have any info on the AWS AMI publishing process? Is there a
better place to ask?
On Wed, Jan 25, 2017 at 9:42 PM, Nico Kadel-Garcia wrote:
> On Tue, Jan 24, 2017 at 6:09 PM, Wesley Novack
> wrote:
> > Greetings! Can someone please explain
On Thu, 2017-02-02 at 06:40 -0800, John R Pierce wrote:
> On 2/2/2017 6:22 AM, Leonard den Ottolander wrote:
> > However, the fact that the binary in the example is setuid is orthogonal
> > to the fact that heap spraying is a very serious attack vector.
>
> without privilege escalation, what does
On 2/2/2017 6:22 AM, Leonard den Ottolander wrote:
However, the fact that the binary in the example is setuid is orthogonal
to the fact that heap spraying is a very serious attack vector.
without privilege escalation, what does it attack ?
--
john r pierce, recycling bits in santa cruz
Based on an article that was mentioned on this list
https://googleprojectzero.blogspot.nl/2014/08/the-poisoned-nul-byte-2014-edition.html
I found two attacker controlled memory leaks in the option parsing of
pkcheck.c. These memory leaks allow a local attacker the ability to
"spray the heap",
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
On Thursday 02 February 2017 10:22:19 John Hodrien wrote:
> The safe bet is, it doesn't, and it's something unique to you/your
> profile/your firefox configuration. Have you got an example URL that
> you're saying obviously misrenders in firefox?
>
> Does it still misbehave if you run firefox in
W dniu 01.02.2017 o 13:37, Marcin Trendota pisze:
> I have squashfs file i want use as root filesystem for diskless machines
> (PXE boot). I can't figure out how to configure it.
OK, i did it MoonWolf's way(TM). I wrote dracut module to deal with
squashfs root.
--
Over And Out
MoonWolf
On Thu, 2 Feb 2017, Gary Stainburn wrote:
It appears to be any or anywhere on the page,
whether inside DIV's, Frames or not.
They're only slightly bigger than they should be but it's enough to break page
layouts.
I've been doing some more reading and it appears that it's something to do
In article <9f43c460b0374ac3951c18dd2d477...@2sic.com>,
Daniel Reich wrote:
> Thank you for the hints
>
> I modified like you described.
> I also moved the permission part out of the loop (once at the end of the
> script is enough).
>
> Now with the "set -x" the script
On Thursday 02 February 2017 06:21:41 geo.inbox.ignored wrote:
> On 02/01/2017 08:32 AM, Gary Stainburn wrote:
> > A while back, after doing a yum update, a new version of Firefox was
> > installed and since then, the contents of my pages don't fit any more
> > because the buttons are now much
Hi, you should be able to remove the existing rpms and then do a local
install using rpms from vault, perhaps
http://vault.centos.org/7.2.1511/os/x86_64/Packages/
I haven't specifically done this for amanda, but the process has worked for
other packages.
Please make sure you have a reliable
On 02/02/17 06:32, Jon LaBadie wrote:
After the large update from 7.2 -> 7.3 there is
one major problem, the amanda backup packages.
Strange situation, the host is the amanda server
is working fine at backing up all my remote clients.
But it has an error backing up itself.
The amanda packages
38 matches
Mail list logo